Cisco CCNP TSHOOT - Troubleshoot BGP

Video Statistics and Information

Captions
Hi, this is David Voss, CCIE 11372, and in this video we're going to be troubleshooting BGP. Specifically, you're going to learn BGP data structures and troubleshooting commands, and then we'll do BGP troubleshooting challenges: we'll give you a couple scenarios for you to see if you can figure out what's going on.

So, the BGP data structure is unique. You have your incoming router information and your outgoing router information, but here's what's actually happening: this information is being inserted into the BGP table, as well as any routes that are being redistributed. The BGP table then provides the best path route based on the BGP best path decision matrix, which you'll learn a little bit more about in this video. If you'd like to know more about that in detail, please see how to networks CCNP routing videos for specific details on how BGP chooses best paths.

Here's a reminder that BGP neighbors do not need to be directly connected. This is why they're not always just called neighbors; they're called peers. They can be multiple hops away but still share routing updates.

As you saw in the earlier diagram, BGP maintains two data structures: the neighbor table, which contains status information about BGP neighbors, and the BGP table, which contains all of the network prefixes learned from all of the BGP neighbors. Now, note that a BGP table is not the routing table. It is a BGP table which contains all the prefixes learned; only select routes are inserted into the routing table. Routes are inserted into the BGP table: the advertisements received from BGP neighbors, or they could be locally injected routes. But the thing is, these routes must be present in the IP routing table, so you can inject routes learned locally or known locally and inject those into the BGP table for advertisement.

Now, BGP selects what is considered the best route using the best path decision matrix, which we'll go over on a high level in this video, but then that best route chosen by BGP from
the BGP table, that best route is inserted into the IP routing table, and that best route is the route which is shared with BGP peers.

BGP offers, just like OSPF or EIGRP, features that will allow you to filter routes advertised to BGP peers or received from them. This is often used because the BGP table can be so large. BGP filtering is very important for any environment, but especially when you're troubleshooting you want to understand filtering, in case you're filtering out certain networks you don't want to be, or allowing certain networks that you do not want to have advertised.

So again, here's the data structure, and the key here is to understand that BGP has a BGP table which contains all prefixes, and only the best path is inserted into the IP routing table. Then there's the neighbor table, which has the status of all BGP neighbors.

How does BGP choose the best path? Well, here it is. Specifically, you can go through this list, and here's what takes preference: the highest weight, which is Cisco specific (if you program a weight to be higher for one prefix than another, it will choose that path); then local preference; then if it's originated by BGP on the local router; the shortest AS path; lowest origin type; lowest MED; then eBGP is preferred over iBGP; the lowest IGP network to the BGP next hop; and the lowest BGP router ID. Most decisions for BGP routing will either be made in the first five steps, five or six steps. You need to memorize this for sure; on your tests you will be tested on this. If you want to know more about BGP, please see the videos in the IP routing videos, and we go into BGP in detail.

Now let's get back to troubleshooting. Here are some typical reasons why BGP neighborships fail. Specifically, AS: the AS numbers must match between what you have programmed for a neighbor and what they actually are, or what you actually are and what they have programmed for you. So when you program a BGP neighbor, and let's say that
neighbor is AS 200, you have to program that neighbor as AS 200. If you program that neighbor as AS 30 or 201, that neighborship is not going to come up.

Another major reason why BGP neighborships fail is the fact that BGP uses TCP port 179. Now, why is this important? Well, often BGP is run through a firewall, and if you run BGP through a firewall you need to make sure that TCP port 179 is in fact allowed.

Finally, routers may send BGP messages sourced from an IP address that does not match the IP address configured for the router on the peer. When a neighbor programs a neighbor relationship to you, it needs to point to a specific IP address, and the IP address needs to be the source of your updates to that router.

The point with bullet points 1 and 3 is that BGP is a protocol that is manually configured, and actually, personally, this is what I like about BGP: BGP rarely does anything for you without you specifically telling it what to do. If you want a neighbor relationship to come up, you need to specifically tell it what neighbor you want to come up, what AS they are, what IP address they are, and that way you know exactly what kind of environment you're rolling out. The disadvantage to that is that you can make a lot of typos, and a simple typo can cause a lot of headaches in trying to get your neighbor relationships up and trying to troubleshoot. So a good rule of thumb in troubleshooting BGP often is just to make sure you've programmed it correctly, or, if you're working with an ISP and you can't see what they've programmed, be sure to talk over the phone about what you have programmed for one another. I think you'll find that in many cases just simple programming errors are what cause BGP problems.

Let's take a look at some of the BGP troubleshooting commands. The first is probably the most popular command you're going to run, and that's show ip bgp summary. It's going to show you the neighbor table, a quick summary of it: your local router's router ID
and AS number, for your neighbors as well, also their current state and any prefixes they're sending or receiving, or the number of them. It's a very good view of how neighborships are functioning.

Next, show ip bgp neighbors, which displays detailed information about the BGP neighbors of a router. Specifically, you should start with show ip bgp sum; if you need to get more granular, then you can do show ip bgp neighbors. I think you'll find in 90% of the cases show ip bgp summary will provide you enough information for you to really get started in isolating the issue.

Then there's show ip bgp. You'll remember what the BGP table is; well, this displays that table. All the network prefixes that have been learned via BGP are in this table.

There's debug ip routing, which as you know is not specific to BGP, but it will display updates that occur in the router's IP routing table, and it gives you an understanding of what's going into the routing table from the BGP table. Then there's show ip route bgp, which can save you a lot of time in digging through interior gateway protocol and other routing protocol routes. And then there's debug ip bgp updates, where you can actually view the BGP exchanges to and from your BGP neighbors if you want and need real-time information about these updates sent and received.

So let's jump into the lab. Let's start off nice and simple and just take a look at a simple BGP problem that we can face. There is a complaint that we are no longer receiving routes from a specific BGP neighbor; specifically, the users at the hub site, router 4, are saying that they're not receiving BGP routes from router 2. So let's go ahead and take a look and see what's going on. Let's take a look at our BGP routes, and on router 4, sure enough, we're not receiving any routes from router 2; we're just getting BGP routes from router 1. We want to see the loopback from router 2 advertised to us. So, show ip bgp
sum, which I told you was a very popular command: we can see that our neighbor relationship to router 2 is in fact down. Knowing this, let's jump on router 2 and just take a look at what we see here. In show ip bgp sum we see the one neighbor; it's programmed correctly, but the neighbor relationship is in fact down. So we have neighbors programmed for router 2 and router 4, they're pointing to each other, but the neighbor relationship is not coming up. We see our serial interface, 172.16.1.2, and on router 4, do you see what the problem is? Sure enough, we are pointing to 172.16.2.2. We need to change that to 1.2, and once we do that the neighborship will come up.

Now, this seems like a real simple problem, and it is, but one of the reasons we're doing this is that this isn't often a problem you will see when you're initially configuring BGP for the first time with a neighbor. The IP addresses to ISPs are often not as straightforward, obviously, as a 172.16 address, and all it takes is one simple typo of one octet and the neighborship does not come up.

Here we've fixed the problem, and now the neighbor relationship is up between router 4 and router 2. Here we can see on router 4 the neighbor relationship is working fine, and here's our BGP table, show ip bgp, and show ip route bgp for the routing table, and there is the route. So everything is working fine now: the neighbor relationship is up, it sends the route, it's inserted into the BGP table and then also inserted into the routing table.

Let's move on to our next troubleshooting scenario. We have an administrator, an engineer who actually works on router 2, and he's saying he sees something very odd: when he looks at routes on router 2, these BGP routes show that they're coming directly from router 1, which doesn't make sense to him because router 2 and router 1 are both spoke routers, not hub routers, and our only BGP neighbor is actually 172.16.1.4, which is the hub router. So
he can't figure out why these routes from router 1 are showing up in his routing table as being advertised via router 1, because he has no direct connection. So we are to investigate what's going on here. We can see on router 2 that for the network 10.10 dot dot the next hop is actually router 1, 172.16.1.1; that is router 1's Frame Relay interface. He wants, and we need, to figure out why that is, or what's going on; if it's wrong we need to fix it, and if it's right we need to explain it.

So let's jump onto router 4; this is the hub router. Let's just take a look, and here is the route. We are in fact learning it from router 1, 172.16.1.1, and that would be our next hop from router 4, because we are on the Frame Relay network and we are the hub and they are the spoke. If we take a look at our BGP neighbors with show ip bgp sum, we see that we have neighbor relationships to 172.16.1.1 and 1.2, which are router 1 and router 2. So it seems to look OK on router 4: we're receiving this route just fine, and the next hop is just fine because that neighbor is in fact 1.1, so that's not so much of an issue. The question is, why is this showing up on router 2? Let's hop over to router 1, and we see in fact that router 1's only BGP neighbor is the hub router, router 4.

It's important to note that within BGP the next hop value of a BGP network advertisement that leaves an AS is the IP address of the router at the exit point from the AS. That advertisement is sent through iBGP to neighbors, but the next hop attribute remains the same. Usually a router inside an AS does not have a route to the external IP address from the next hop, so if you would like this to change, you need to program within BGP the next-hop-self command. next-hop-self will force all updates from one router to show itself as the next hop instead of the originating advertiser. This is unique to BGP, but important for troubleshooting purposes, to understand why a certain route is showing with a next hop that
might be multiple hops away. Now that we've programmed next-hop-self on router 4, you can see on router 2 that the next hop is in fact now the hub router. So there wasn't necessarily a problem, as long as the next hop is reachable, but you may get a call saying, why is something working this way, and ideally in a network rollout you're going to want your hub router to be your next hop.

Now for our final BGP lab. What we'll be doing is logging into router 4, and we see on router 4 that the neighbor relationship to neighbor 10.20.20.1 is not coming up, so we need to investigate why this neighbor relationship is not working. This is a new neighbor to us; we are creating a neighbor relationship to the loopback of router 2. What we'll do first is debug ip bgp and then the IP address of the neighbor we want to view updates on, and then we'll debug ip bgp u, and this time we'll just type in debug ip bgp. So we're clearing ip bgp, and as you can see here, there is no communication to the neighbor, the 10-dot neighbor. We don't see any updates coming to or from that neighbor, so obviously something is very wrong here. Not only is the neighbor relationship not up, but there's not even an attempt to try to establish this neighbor relationship, so there's some sort of limitation in place.

If we look under the router bgp configuration, let's see if you can spot what the problem is. You see here on router 4 the neighbor 10.20.20.1 and update source loopback 100, so that appears to be correct. If you haven't noticed anything yet, here's just a reminder that in BGP, when you're going loopback to loopback on eBGP sessions, you need to enable ebgp-multihop, and we'll set it to 3. If you do not enable ebgp-multihop, it will only attempt to communicate with the next hop; if a peer address is more than one hop away, that eBGP session will not establish. And it's not enough just to enable ebgp-multihop on one side of the link; you need to log in to the other side as well and add
ebgp-multihop if you're communicating to the loopback of the other router. Now that we have ebgp-multihop enabled, the neighbor relationship will come up between these two. This is definitely something you'll be tested on, and you can count on it being something that you will see on your troubleshooting exam.

So here's what you've learned: you've learned about BGP data structures and BGP troubleshooting commands, and we've given you a few BGP troubleshooting challenges. But again, the best thing you can do is configure BGP in your lab, have someone come in and make a few changes and break your lab, and see if you can figure out how to fix it. Good luck in your studies.
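
The peering failures walked through in the captions above (a mistyped peer address, an AS number mismatch, an update source the peer does not point at, and eBGP to a loopback without ebgp-multihop) can be checked offline by comparing both routers' configurations. This is an added example, not material from the video; the two configs, their AS numbers and the addresses other than those spoken in the captions are constructed, and `parse` and `check` are hypothetical helper names.

```python
# Constructed configs for two hypothetical routers; not the lab configs from the video.
R4 = """interface Loopback100
 ip address 10.40.40.1 255.255.255.255
router bgp 100
 neighbor 172.16.2.2 remote-as 200
 neighbor 10.20.20.1 remote-as 201
 neighbor 10.20.20.1 update-source Loopback100"""
R2 = """interface Serial0/0
 ip address 172.16.1.2 255.255.255.0
interface Loopback100
 ip address 10.20.20.1 255.255.255.255
router bgp 200
 neighbor 10.40.40.1 remote-as 100
 neighbor 10.40.40.1 update-source Loopback100
 neighbor 10.40.40.1 ebgp-multihop 3"""

def parse(cfg):
    """Collect interface addresses, local AS and neighbor options from IOS-style text."""
    r, cur = {"asn": None, "ifs": {}, "nbr": {}}, None
    for w in (line.split() for line in cfg.splitlines() if line.strip()):
        if w[0] == "interface":
            cur = w[1]
        elif w[:2] == ["ip", "address"]:
            r["ifs"][w[2]] = cur                      # address -> interface name
        elif w[:2] == ["router", "bgp"]:
            r["asn"] = int(w[2])
        elif w[0] == "neighbor" and len(w) > 2:
            r["nbr"].setdefault(w[1], {})[w[2]] = w[3] if len(w) > 3 else True
    return r

def check(local, remote):
    """Findings for the neighbor statements `local` holds, assuming all aim at `remote`."""
    out = []
    for peer, opt in local["nbr"].items():
        if peer not in remote["ifs"]:                 # typo in the peer address
            out.append((peer, "address not configured on peer"))
            continue
        if int(opt.get("remote-as", 0)) != remote["asn"]:
            out.append((peer, "remote-as does not match peer's AS"))
        to_loopback = remote["ifs"][peer].startswith("Loopback")
        if local["asn"] != remote["asn"] and to_loopback and "ebgp-multihop" not in opt:
            out.append((peer, "eBGP to loopback without ebgp-multihop"))
        src = [ip for ip, name in local["ifs"].items() if name == opt.get("update-source")]
        if src and src[0] not in remote["nbr"]:       # peer points at a different address
            out.append((peer, "peer has no neighbor statement for our source address"))
    return out

if __name__ == "__main__":
    print(*check(parse(R4), parse(R2)), sep="\n")
```

Running the check in both directions matters, because the captions point out that settings such as ebgp-multihop have to be present on each side of the session.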
Info
Channel: Paul Browning
Views: 39,022
Rating: 4.8567166 out of 5
Keywords: Cisco Career Certifications
Id: OBaMdR4esTo
Length: 20min 37sec (1237 seconds)
Published: Tue May 06 2014